Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact if an attacker wishes to use public r and s values when guessing whether signature verification will fail.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Crypt::Perl 数据伪造问题漏洞
Vulnerability Description
Perl是Perl社区的一款通用、解释型、动态的跨平台编程语言。Crypt::Perl是其中的一个加密模块。 Crypt::Perl 0.32之前版本(Perl)中的Crypt::Perl::ECDSA存在安全漏洞,该漏洞源于程序未正确验证ECDSA签名。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
CVSS Information
N/A
Vulnerability Type
N/A